Lucene search
K

89 matches found

securityvulns
securityvulns
added 2008/12/22 12:0 a.m.58 views

PHP 4 multiple function buffer overflows

Buffer overflows in mb functions...

10CVSS3.4AI score0.07371EPSS
Exploits2References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/12/19 12:0 a.m.45 views

JVN#50327700 PHP vulnerable to cross-site scripting

PHP is an open source scripting language that is especially suited for Web development. PHP contains a cross-site scripting vulnerability as it does not properly handle errors. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

2.6CVSS8.9AI score0.01859EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.28 views

Gentoo Security Advisory GLSA 200603-22 (php)

The remote host is missing updates announced in advisory GLSA 200603-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.04348EPSS
Exploits0References4
0day.today
0day.today
added 2008/09/16 12:0 a.m.16 views

Gonafish LinksCaffePRO 4.5 (index.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability ================================================================== /\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/16 12:0 a.m.21 views

gonafish-sql.txt

/\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ \ \ \ \ /',\ \ \ \ \ \ \ \ /\ /'\ /'\ \ \ \ /\ ,\ /, \ \ \ \ ,\ \ \ \ // / // /\//\///\/\ \ \/\ // // // //////// //// security breakd0wn! Title: Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability Vendor:...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.25 views

php -- readfile() DoS vulnerability

The remote host is missing an update to the system as announced in the referenced advisory. VID 07f3fe15-a9de-11d9-a788-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

2.1CVSS6.7AI score0.0038EPSS
Exploits0
myhack58
myhack58
added 2008/07/11 12:0 a.m.194 views

php escapeshellcmd multibyte encoding vulnerability analysis and extension-a vulnerability warning-the black bar safety net

漏洞 公告 在 http://www.sektioneins.de/advisories/SE-2008-03.txt PHP 5 = 5.2.5 PHP 4 = 4.4.8 Some allow as GBK, EUC-KR, SJIS, etc. wide byte character set systems may be affected by this impact, the impact is still very large, the domestic virtual host should be the pass to kill, in testing this...

7.9AI score
Exploits0
Packet Storm
Packet Storm
added 2008/06/10 12:0 a.m.22 views

teldir-delete.txt

!/usr/bin/perl -w Telephone Directory 2008 see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya ---------------------------------------------------------------------------- TITLE: PerlSploit Class REQUIREMENTS: PHP 4 /...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/06/10 12:0 a.m.14 views

Telephone Directory 2008 Arbitrary Delete Contact Exploit

No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/06/09 12:0 a.m.20 views

Telephone Directory 2008 Arbitrary Delete Contact Exploit

No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/05/29 12:0 a.m.15 views

phpBookingCalendar 10 d - SQL Injection

phpBookingCalendar 10 d - SQL Injection Portal :PHP Booking Calendar 10 d sql/upload Exploit Modified 2008 Download : https://sourceforge.net/project/showfiles.php?groupid=132702 exploit aported password crypted Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/19 12:0 a.m.28 views

archangelweblog-sql.txt

!/usr/bin/perl -w Portal : Archangel Weblog 0.90.02 Download : http://www.archangelmgt.com/ArchangelWeblogv09002.zip exploit aported password crypted mgharba :d:d:d:d Founded & Exploited by : Stack-Terrorist v40 Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & Str0ke & All...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/05/07 9:20 p.m.42 views

CVE-2008-2108

The GENERATESEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against...

9.8CVSS7.2AI score0.04289EPSS
Exploits1References2
0day.today
0day.today
added 2008/01/22 12:0 a.m.15 views

Coppermine Photo Gallery <= 1.4.14 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== Coppermine Photo Gallery table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print...

7.1AI score
Exploits0
Prion
Prion
added 2007/10/12 11:17 p.m.19 views

Design/Logic Flaw

The disablefunctions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using inialter when iniset is disabled...

7.5CVSS6.8AI score0.01689EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2007/10/07 12:0 a.m.25 views

Verlihub Control Panel 1.7.x - Local File Inclusion

Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub- project.org/ Bug Found By Methodman From TEAMELITE dchub.nemesis.te-home.net:4120 Bug: Line: 27 - iniset"magicquotesgpc","1"; ............................ Line: 71 - $pagename = isset$GET'page' ? $GET'page' :...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/10/07 12:0 a.m.29 views

Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== Verlihub Control Panel dchub.nemesis.te-home.net:4120 Bug: Line: 27 - iniset"magicquotesgpc","1"; ............................ Line: 71 - $pagename = isset$GET'page' ?...

7.1AI score
Exploits0
Prion
Prion
added 2007/09/04 10:17 p.m.20 views

Format string

The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...

7.5CVSS6.4AI score0.02025EPSS
Exploits0References38Affected Software1
Cvelist
Cvelist
added 2007/09/04 10:0 p.m.23 views

CVE-2007-4658

The moneyformat function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple 1 %i and 2 %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability...

7.5AI score0.02025EPSS
Exploits0References38
Prion
Prion
added 2007/09/04 6:17 p.m.28 views

Design/Logic Flaw

The 1 MySQL and 2 MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safemode and openbasedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE...

7.5CVSS6.6AI score0.13818EPSS
Exploits7References21Affected Software1
Rows per page
Query Builder